Google Apps users getting encrypted messaging that goes beyond Gmail

Google is making available a service to allow its enterprise customers to send and receive encrypted e-mail to users of non-Google mail systems, including Yahoo and Microsoft Exchange.

Google Apps Message Encryption (GAME) was designed specifically for Google Apps by Zix Corp, which for over a decade has enabled subscribers to send encrypted e-mail to recipients, who in turn must enroll to be notified of and access such messages.

According to Zix CEO Rick Spurr, Google's GAME service will be offered directly by Google to its customers, and the portals set up for encrypted e-mail outside Google Apps will have the customers' brand name associated with them.

"We set up a custom portal for them," says Spurr. However, behind the scenes, Zix will be receiving the e-mail from Google that needs to be encrypted for transmission to any e-mail system outside the Google ecosphere.

"Google decides if the receipt is within its system or not," says Spurr, noting that Google already has a method for encryption of e-mail if the sender and the recipient are both Google Apps customers. The existing Google Message Encryption costs about $35 per user per year, and GAME is expected to be the same.

Many industries, such as healthcare and financial, have to comply with regulations that require sensitive content be encrypted, especially for transmission across the Internet. The addition of GAME as a service that encrypts messages outside of Gmail could make Google's cloud-based service a bigger draw to enterprises that must use encrypted e-mail with business partners. According to Zix, here's how the encryption options available in GAME are expected to work:

- Google will have automated scanning and encryption to identify sensitive information, and the e-mail would then be sent encrypted using Zix, with virtually no end user intervention anticipated.

- The sender could trigger encryption by using a keyword supplied by Google, which might be as easy as "encrypt."

- For recipients who receive a GAME-encrypted email, the decryption options would be automatic encryption if they happen to be a Zix customer, with the email transparent in the inbox without the user needing to enter passwords or take extra steps.

- For anyone not using Zix e-mail encryption, encrypted e-mail would be delivered to a secure portal and a notification email would alert recipients of a new secure message to be retrieved.

Latest Videos

​Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.​

No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.